maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Add Regex to check for invalid CAA entry

Browse Source
This commit is contained in:
Marc-André Kolly
2019-07-29 11:36:34 +02:00
parent 78ef2a4e23
commit bfb3fb0a92
3 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/Froxlor/Api/Commands/DomainZones.php
View File

@@ -139,8 +139,15 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
} elseif ($type == 'AAAA' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
$errors[] = $this->lng['error']['dns_aaaarec_noipv6'];
} elseif ($type == 'CAA' && ! empty($content)) {
// check that CAA content is enclosed in " "
$content = \Froxlor\Dns\Dns::encloseTXTContent($content);
$re = '/(?\'critical\'\d)\h*(?\'type\'iodef|issue|issuewild)\h*(?\'value\'(?\'issuevalue\'"(?\'domain\'(?=.{3,128}$)(?>(?>[a-zA-Z0-9]+[a-zA-Z0-9-]*[a-zA-Z0-9]+|[a-zA-Z0-9]+)\.)*(?>[a-zA-Z]{2,}|[a-zA-Z0-9]{2,}\.[a-zA-Z]{2,}))[;\h]*(?\'parameters\'(?>[a-zA-Z0-9]{1,60}=[a-zA-Z0-9]{1,60}\h*)+)?")|(?\'iodefvalue\'"(?\'url\'(mailto:.*|http:\/\/.*|https:\/\/.*))"))/';
preg_match($re, $content, $matches);
if (empty($matches)) {
$errors[] = $this->lng['error']['dns_content_invalid'];
} else {
// check that CAA content is enclosed in " "
$content = \Froxlor\Dns\Dns::encloseTXTContent($matches[0]);
}
} elseif ($type == 'CNAME' || $type == 'DNAME') {
// check for trailing dot
if (substr($content, - 1) == '.') {

1
lng/english.lng.php
View File

@@ -1892,6 +1892,7 @@ $lng['tasks']['backup_customerfiles'] = 'Backup job for customer %loginname%';
$lng['error']['dns_domain_nodns'] = 'DNS is not enabled for this domain';
$lng['error']['dns_content_empty'] = 'No content given';
$lng['error']['dns_content_invalid'] = 'DNS content invalid';
$lng['error']['dns_arec_noipv4'] = 'No valid IP address for A-record given';
$lng['error']['dns_aaaarec_noipv6'] = 'No valid IP address for AAAA-record given';
$lng['error']['dns_mx_prioempty'] = 'Invalid MX priority given';

1
lng/german.lng.php
View File

@@ -1543,6 +1543,7 @@ $lng['tasks']['backup_customerfiles'] = 'Datensicherung für Kunde %loginname%';
$lng['error']['dns_domain_nodns'] = 'DNS ist für diese Domain nicht aktiviert';
$lng['error']['dns_content_empty'] = 'Keinen Inhalt angegeben';
$lng['error']['dns_content_invalid'] = 'DNS Eintrag ungültig';
$lng['error']['dns_arec_noipv4'] = 'Keine gültige IP-Adresse für A-Eintrag angegeben';
$lng['error']['dns_aaaarec_noipv6'] = 'Keine gültige IP-Adresse für AAAA-Eintrag angegeben';
$lng['error']['dns_mx_prioempty'] = 'Ungültige MX Priorität angegeben';